<?php include("includes/header.php"); ?>

<?php
	$newpass = $_POST['newpass'];
	$newpass1 = $_POST['newpass1'];
	$email = $_POST['email'];
	$code = $_GET['code'];
	
	if($newpass == $newpass1){
		$enc_pass = SHA1($newpass);
		
		mysqli_query($dbc, "UPDATE User SET password  ='$enc_pass' WHERE email='$email'");
		mysqli_query($dbc, "UPDATE User SET passreset ='0'         WHERE email='$email'");
		
		echo "<font color='green'> Your password has been successfully updated.";
	}
	else{
		echo "Passwords do not match";
	}
?>

<?php include("includes/footer.php"); ?>